Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 534
Alerts This Week
Warning Icon 1 534

Scientific Linux SLSA-2014:0292-1 Critical Security Update for 389-ds-base

Scientific Large Esm H446
Important: 389-ds-base security update
Date: Thu, 13 Mar 2014 20:10:43 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: 389-ds-base on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: 389-ds-base security update
Advisory ID: SLSA-2014:0292-1
Issue Date: 2014-03-13
CVE Numbers: CVE-2014-0132
--

It was discovered that the 389 Directory Server did not properly handle
certain SASL-based authentication mechanisms. A user able to authenticate
to the directory using these SASL mechanisms could connect as any other
directory user, including the administrative Directory Manager account.
This could allow them to modify configuration values, as well as read and
write any data the directory holds. (CVE-2014-0132)

After installing this update, the 389 server service will be restarted
automatically.
--

SL6
 x86_64
 389-ds-base-1.2.11.15-32.el6_5.x86_64.rpm
 389-ds-base-debuginfo-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-debuginfo-1.2.11.15-32.el6_5.x86_64.rpm
 389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-devel-1.2.11.15-32.el6_5.x86_64.rpm
 389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-libs-1.2.11.15-32.el6_5.x86_64.rpm
 i386
 389-ds-base-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-debuginfo-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
 389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm

- Scientific Linux Development Team